Messages

1

23.7 Legacy Series / Re: Solution for interfaces changing around

« on: November 11, 2023, 05:54:22 pm »

Passive-aggressive much? I already said that I've tried to search for it and failed. Apparently you're better at it but there's no reason to be an asshole about it. Anyway, thanks... I guess...?

2

23.7 Legacy Series / Solution for interfaces changing around

« on: November 11, 2023, 03:42:40 pm »

Hello everyone

I know for a fact that this very topic was being discussed in the past but, for the life of me, I wasn't able to find it again.

So, I'm using OPNsense under hypervisor (moving from vSphere to Proxmox right now) and the quirk that gives me headaches is the fact that when I add or remove virtual network interface(s) on hypervisor level, FreeBSD (and thus OPNsense's) IF names (like opt<number>) get reassigned and the whole configuration basically gets FUBAR'd until sorted out manually, while the GF screams "What's happened to the Internet?" from another room while doing so.

I seem to recall there was some optional tool that allowed one to bind IF name to its MAC address, solving this mess once and for all. Could anyone point me to this, pretty please?

Regards,
Zbig

3

22.7 Legacy Series / DHCP service "Additional Pools" logic

« on: January 19, 2023, 12:04:05 am »

Hello

I have a case where a couple of clients from my network have to get assigned some non-default DNS servers but I don't want to setup a separate (V)LAN for them. Figured that would be a perfect use case for DHCP server's "Additional Pools" given how it allows me to carve out a separate pool from the network and configure pretty much everything the "main" pool allows. As there doesn't seem to be a separate "DHCP Static Mappings" section for additional pools, I reckoned I'll just make a regular ("top-level") DHCP mapping, assign an IP from my additional pool there, leave the "DNS servers" fields empty and this way it would fetch proper DNS IP's from the additional pool's configuration. This turned out not to be the case: the clients in question got assigned the default, system-wide DNS address.

Am I doing something wrong here? If the "main/additional" DHCP pool configurations are not being resolved hierarchically the way I was expecting them to and the additional pools don't offer their own DHCP reservation UI, what is the practical use case for having them in the first place?

Cheers,
Zbig

4

22.1 Legacy Series / Re: OPNsense on ESXI - MAC mismatch at reboot

« on: May 24, 2022, 11:42:55 am »

Also (or alternatively), leave the Interfaces / [if_name] / MAC address fields empty in OPNsense and use the vSphere's features to bind static MACs to IFs if needed. If you use both, the two of them clash when FreeBSD decides to shuffle IF names around.

5

22.1 Legacy Series / Re: 22.1.7 upgrade

« on: May 10, 2022, 09:53:50 pm »

Seems to be browser related. More discussion at https://www.reddit.com/r/opnsense/comments/umhx04/opnsense_2217_released/

6

22.1 Legacy Series / Re: 22.1.7 upgrade

« on: May 10, 2022, 09:29:24 pm »

The update seems to have gone through just fine when initiated from CLI.

7

22.1 Legacy Series / Re: 22.1.7 upgrade

« on: May 10, 2022, 06:31:20 pm »

It was the same for me, only instead of rebooting immediately, I've navigated away from the stuck update log to find an error report waiting to be sent to developers. There was some error message regarding Phalcon mentioned. I have sent the report and restored my VM from the snapshot. Now when I want to retry the update, it fails to fetch it - it seems they have temporarily shut down the update servers or something. Sorry to say, but I'm not sure you have ended up with properly updated instance, after all...

8

22.1 Legacy Series / Unified firewall and port forward ruleset for multi-WAN setup

« on: March 27, 2022, 08:15:07 pm »

I use a dual-WAN setup where I have a main cable broadband interface that's backed up by a failover mobile broadband interface and I use default gateway switching for the failover/switch-back. I use several port forward and firewall rules for incoming traffic that are currently assigned to the main WAN interface only. Is there any elegant way of making them apply to both primary and the secondary WAN that is short of manually duplicating them? Would the use of floating firewall rules and assigning port forwards to both WAN networks do the trick?

9

22.1 Legacy Series / Re: Persistent NIC ordering/naming basedon MAC address(es)

« on: February 18, 2022, 08:36:10 am »

Yeah, it is kind of an issue. My instance runs on VMware and it took me some time to realize what was going on that the mere act of adding a new network interface to the VM was shuffling all my interface assignments around. The fact that I had (needlessly) assigned a spoofed MAC on one of the interfaces at OPNsense level and after the mixup the OS was suddenly trying to configure the same MAC on two different IFs, just added to the confusion.

10

22.1 Legacy Series / Re: Console video/text mode

« on: February 15, 2022, 02:36:54 pm »

Got this sorted out by adding screen.font=10x18 to my tunables. For the list of available font sizes: ls /boot/fonts

Used information from https://forums.freebsd.org/threads/changing-tty-resolution.79529/

@karlson2k: there's some other good info there, like efi_max_resolution that might work in your case.

11

22.1 Legacy Series / Re: Firewall filter - allow inbound access by MAC address

« on: February 13, 2022, 11:33:10 am »

I have done it using aliases. Defined an alias of type “MAC Address” under “Firewall / Aliases” and referred to it in my firewall rule as a source. Not sure how it works exactly under the hood. I believe it just resolves the MAC to IP when the time to reload aliases comes and uses that IP in the packet filter from now on so it might not be accurate/secure enough in some cases?

12

22.1 Legacy Series / Re: Console video/text mode

« on: February 02, 2022, 03:06:38 pm »

What I have also tried:

• Escaping to loader prompt at boot, then typing "mode 3"
• Adding a tunable "hw.vga.textmode=3"

None of these succeeded. But never mind, it doesn't really matter I was just curious because with previous version the "large console" sort of happened automagically for me. Thanks, anyway.

13

22.1 Legacy Series / Re: Console video/text mode

« on: February 02, 2022, 02:27:19 pm »

You are right that I had it set for BIOS! When I thought I was being extra careful with how I set up my VM, I still managed to mess that up.

However, even with EFI, while the font indeed gets slimmer and the line count changes from 25 to 31, the columns stay at 80 and it still doesn't get nowhere near the 21.7-level of font smallness and information density.

14

22.1 Legacy Series / Console video/text mode

« on: February 02, 2022, 11:18:17 am »

Hello

Is there any way to configure the video mode used in console on 22.1? Back when using 21 series, my VMware VM's console output looked like <Exhibit_1>: information-dense, with nice, small and slim font. But when switched to 22.1 (by means of creating a fresh VM, clean install and XML config import), it is now using 80x25 mode with chunky fonts as per <Exhibit_2>. I can't seem to recall ever manually changing any setting that could be related to that. Also, I was using os-vmware plugin with 21 as I am with 22.1. Needless to say, it doesn't make me lose any sleep but I'd appreciate any suggestions.

EDITed to add:
Please note the first screenshot (from series 21) got clipped width-wise by the forum software so it doesn't fully convey the difference as seen IRL.

Cheers and thank you for all the great work,
Zbig